Hi Everyone, I am looking to protect a webpage in my website. What I would like to do is check if the webpage has been accessed from a pre determined url.

For example:
Mywebsite.com/webpage.php should only be accessed from predetermined.com/url?id=var

I have been doing some digging around and found the following.

$url = 'http://'. $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];

But I am lost with how to check if the url and var is correct. What I am trying to do is stop users going directly to
Mywebsite.com/webpage.php and only allow users to access the webpage from predetermined.com/url?id=var

Hope that makes sence,

Member Avatar

headers can be spoofed so $_SERVER variables aren't foolproof. Using a hash in the url based on a session could prove helpful


Hi, how would i check if the url is from predetermined.com/url?id=var&conf=hash

Member Avatar

Oh drat. I misread the question - sorry. I assumed it was something else. Too many late nights! Do you own the predetermined site or have any access to the url that is created? i.e. could you change the querystring to suit your needs?